- Finally, there was quite a lot going on in the security area wrt. access control, authentication support, principal management and so. Angela, since you were mainly concerned with this, do you mind to give a quick update on what's new here?
there is just one topic that IMO is worth discussing here: i think we have a major performance issue with ContentSession#getLatestRoot that makes the creation of a new Session really expensive, while i would expect it to be for free. just came across this again when i wanted to replace the fake login by what will be the default setup in an oak-repo and will validate credentials against information stored in the MK without sharing a 'session' between different repo-logins as this was/is one of the pain points in jr2. regards angela
